Smart Antennas and Hypervisor: Enabling Secure Convergence. July 5, 2017

About OpenSynergy
OpenSynergy develops software solutions for embedded automotive systems. OpenSynergy's product portfolio includes key software components necessary to create efficient automotive solutions in the areas of:
- Infotainment
- Connectivity
- Driver Information
- Driver Assistance

OpenSynergy Focus
- Domain Convergence: Connected Car, Instrument Cluster, Head Unit, ADAS, Connectivity
- Integration on a single ECU
- Safety & Security
- Standardization
- Towards autonomous cars

OpenSynergy Portfolio (products and services, reconstructed from the slide table)
- COQOS SDK: hypervisor-based software integration platform. Safety & security; fast-boot and secure boot; Linux, Android, AUTOSAR; sharing of devices; complete automotive use-cases out of the box. Application areas: Infotainment, Connectivity, Driver information, Driver assistance.
- Update SDK: secure modular software update framework. Secure and robust; takes advantage of the hypervisor; modular architecture; modular software update; supports complex automotive use-cases. Application areas: all automotive ECUs.
- Blue SDK: dual-mode embedded Bluetooth stack. Supports the latest standard; easy integration; vendor-independent; satisfies automotive requirements. Application areas: Infotainment, Connectivity, non-automotive.
- Voice SDK: audio processing library. Multi-microphone / beam-forming; easy to tune & port. Application areas: Infotainment, Connectivity.
- Services: automotive-quality software development services. Protocol stacks for Car2Cloud (embedded and backend); product porting and customization; complete ECU software.
Diagram labels: System Supervisor; Early Apps, e.g. Rear-View Camera; Third party; Shared Devices; Shared Graphics; Shared Driver; Secure Boot; Modular Boot; Bootloader; OpenSynergy; Tier 1; Infotainment; Connectivity; Driver information; Driver assistance.

Smart Antenna
Functions: 2.5G / 3G / 4G / 5G, (DVB-T2 / ISDB-T), GNSS, AM/FM / DAB / DAB+ / DMB / CMB / DRM, Bluetooth / WiFi, Car2X.
Single-chip solutions reduce cost, space, weight and thermal management issues.
Diagram labels: non-safety critical, safety critical, RTOS.

What is a hypervisor
A hypervisor is a software layer that creates and runs "virtual machines" (VMs). The device on which the hypervisor runs is called the host. Each virtual machine runs a guest operating system. The hypervisor:
- separates the VMs
- protects their resources
- manages their execution
- provides controlled communication channels between the VMs
- assures freedom from interference between the VMs
Diagram labels: Host; VM (Guest); VM (Guest).

Architecture
Diagram labels: Applications (in each VM); virtualized guest OSes: Linux, Android, other system OS, AUTOSAR; Supervisor guest OS; IXCF (Inter-X Communication Framework); AUTOSAR OS; COQOS; Bootloader + Safety Kit; Configuration Tooling; Development/Debugging.

Architecture (hypervisor internals)
Diagram labels: VM, VM, VM; Configuration; GIC; Timer; Driver; IXCF Core Services: Inter-VM Scheduler, Signaling, Timer, Queues, Serial MUX; Virtual Firmware; Core Devices; CPU sharing logic; Guest OS; virtual UART; Guest Userland; Firmware; Device.
IXCF = Inter-X Communication Framework

Multi Core Support
Diagram labels: VM A (with two virtual cores: vcore A.0, vcore A.1); VM B (with one virtual core: vcore B.0); VM M (with multiple virtual cores: vcore M.0 ... vcore M.n); VM payloads; guest OS scheduler; COQOS (with multiple physical cores): Core 0, Core 1, Core 2, ..., Core N.

General challenge of "device sharing"
Native system: a single native OS uses the device through its device driver.
Virtualized system: several VMs need to use the services provided by a single device.
Diagram labels: Service (send Ethernet frame, use shader on GPU, play audio, ...); Service (...); Device Driver; Device (Ethernet, WiFi, Bluetooth, GPU, Graphics, Audio, ...); "...?" marks the open question of how several VMs reach the one device.

Mechanisms for device sharing in the hypervisor
- device with virtualization support (virtual devices virtdev1 ... virtdevn)
- low-level client-server sharing over IXCF
- distributed frameworks over VNET (framework in each VM, connected over VNET)

Safety and Security
Safety guards the world from the car. (Cyber)security guards the car from the world.
As soon as the car is interconnected with the world, security is needed for safety.
The technical measures to achieve system safety and security goals are similar.

Design Patterns for Safety
Mixed ASIL system according to ISO 26262 by:
- use a hierarchical watchdog approach
- use checking/monitoring strategies wherever possible
- use E2E protection in the communication wherever possible
- freedom from interference with separated VMs
Diagram labels: VM without ASIL requirements; ...; VM that underlies ASIL requirements (ASIL); External MCU; External Watchdog (ASIL).
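The E2E protection listed above, worked through as an added example (not OpenSynergy's or COQOS's code): a sender adds an alive counter and a CRC that also covers the channel's Data ID, and the receiver classifies each frame as consecutive, lost-but-tolerable, repeated, out of sequence, or corrupted. The approach follows the AUTOSAR E2E idea; the byte layout, the 0..14 counter range, the tolerance of three lost frames and the CRC-8 (SAE J1850) choice are this example's assumptions, not a specific E2E profile.

```python
# Added example, not OpenSynergy's or COQOS's code: end-to-end (E2E)
# protection of a signal passed between two VMs, in the spirit of the
# AUTOSAR E2E approach (alive counter + Data ID + CRC). The byte layout,
# the 0..14 counter range and the CRC-8 (SAE J1850) choice are this
# example's own assumptions, not a specific E2E profile.
from enum import Enum

CRC8_POLY = 0x1D  # SAE J1850 polynomial x^8 + x^4 + x^3 + x^2 + 1


def crc8_j1850(data: bytes) -> int:
    """CRC-8/SAE-J1850: init 0xFF, no bit reflection, final XOR 0xFF."""
    crc = 0xFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ CRC8_POLY) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc ^ 0xFF


class Status(Enum):
    INITIAL = "first frame seen, no history to compare against"
    OK = "consecutive counter, CRC valid"
    OK_SOME_LOST = "counter jumped within tolerance: frames lost, stream usable"
    REPEATED = "same counter as last frame: stale or replayed frame"
    WRONG_SEQUENCE = "counter jump beyond tolerance: treat as communication loss"
    WRONG_CRC = "CRC mismatch: corrupted, truncated or wrong-Data-ID frame"


class E2ESender:
    """Protects each payload with an alive counter and a CRC that also
    covers the (implicit, untransmitted) Data ID of this channel."""

    def __init__(self, data_id: int):
        self.data_id = data_id & 0xFF
        self.counter = 0

    def protect(self, payload: bytes) -> bytes:
        header = bytes([self.counter])
        crc = crc8_j1850(bytes([self.data_id]) + header + payload)
        self.counter = (self.counter + 1) % 15  # assumption: 15 counter values
        return header + payload + bytes([crc])


class E2EReceiver:
    """Checks the CRC (with the expected Data ID) and the counter progression."""

    def __init__(self, data_id: int, max_delta: int = 3):
        self.data_id = data_id & 0xFF
        self.max_delta = max_delta  # how many lost frames are tolerated
        self.last_counter = None

    def check(self, frame: bytes):
        if len(frame) < 2:
            return Status.WRONG_CRC, None
        counter, payload, crc = frame[0], frame[1:-1], frame[-1]
        if crc8_j1850(bytes([self.data_id, counter]) + payload) != crc:
            return Status.WRONG_CRC, None  # payload is not trusted at all
        if self.last_counter is None:
            self.last_counter = counter
            return Status.INITIAL, payload
        delta = (counter - self.last_counter) % 15
        if delta == 0:
            return Status.REPEATED, None  # last_counter deliberately unchanged
        self.last_counter = counter
        if delta == 1:
            return Status.OK, payload
        if delta <= self.max_delta:
            return Status.OK_SOME_LOST, payload
        return Status.WRONG_SEQUENCE, None


def run_scenario():
    """Constructed scenario: a speed signal (Data ID 0x10) from one VM,
    observed by a receiver that sees a repeated frame, a lost frame, a
    corrupted frame and a frame from a different channel (Data ID 0x20).
    Returns the list of statuses in order."""
    sender = E2ESender(data_id=0x10)
    frames = [sender.protect(bytes([speed])) for speed in (50, 51, 52, 53, 54)]
    corrupted = bytes([frames[4][0], frames[4][1] ^ 0x01, frames[4][2]])  # one payload bit flipped
    other_channel = E2ESender(data_id=0x20).protect(bytes([99]))          # valid CRC, wrong Data ID
    receiver = E2EReceiver(data_id=0x10)
    observed = [frames[0], frames[1], frames[1], frames[3], corrupted, other_channel]
    return [receiver.check(frame)[0] for frame in observed]
```

Because the Data ID is folded into the CRC but never transmitted, a frame that is perfectly valid on another channel fails the check on this one, which is what catches a misrouted signal between VMs; the counter handling separately distinguishes a replayed frame from plain loss.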

Design Patterns for Security
- MILS (Multiple Independent Levels of Security) architecture ensures strong separation between VMs
- support for hypervisor-specific hardware security
- support for secure software update
Diagram labels: external interfaces; attack; General Purpose VM; ...; Hardened VM; Trusted OS (TEE); External Security Chip (certified); Security features; security assurance.

System Supervisor: watchdog hierarchy
Diagram labels (chain): HW watchdog; System Supervisor; hypervisor; critical VM; critical VM; critical VM.
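The hierarchy on the slide, modelled in discrete time as an added example (not OpenSynergy's or COQOS's code): critical VMs prove liveness to the hypervisor, the System Supervisor reads those records, and only the System Supervisor may service the hardware watchdog, which it does solely while every critical VM is alive. Tick units, heartbeat periods, deadlines and the VM names are constructed values.

```python
# Added example, not OpenSynergy's or COQOS's code: a discrete-time model of
# the watchdog hierarchy on the slide (HW watchdog <- System Supervisor <-
# hypervisor <- critical VMs). Only the System Supervisor services the
# hardware watchdog, and only while every critical VM is proving liveness.
# Tick units, periods and deadlines are constructed values.
from dataclasses import dataclass, field


@dataclass
class VmLiveness:
    """Liveness record the hypervisor keeps for one critical VM."""
    name: str
    deadline: int           # max ticks allowed between two heartbeats
    last_beat: int = 0

    def heartbeat(self, now: int) -> None:
        self.last_beat = now

    def alive(self, now: int) -> bool:
        return now - self.last_beat <= self.deadline


@dataclass
class HwWatchdog:
    """External watchdog: resets the SoC if not kicked within `timeout` ticks."""
    timeout: int
    last_kick: int = 0
    kicks: int = 0

    def kick(self, now: int) -> None:
        self.last_kick, self.kicks = now, self.kicks + 1

    def expired(self, now: int) -> bool:
        return now - self.last_kick > self.timeout


@dataclass
class SystemSupervisor:
    """Runs in its own VM; the only component allowed to kick the HW watchdog."""
    watched: list
    failed: list = field(default_factory=list)

    def service(self, now: int, wdt: HwWatchdog) -> bool:
        dead = [vm.name for vm in self.watched if not vm.alive(now)]
        if dead:
            self.failed = dead   # withhold the kick and let the HW watchdog act
            return False
        wdt.kick(now)
        return True


def simulate(periods: dict, hang_at: dict = None, supervisor_period: int = 2,
             hw_timeout: int = 5, ticks: int = 60):
    """periods: {vm name: heartbeat period}; hang_at: {vm name: tick from
    which that VM stops beating}. A VM's deadline is twice its period.
    Returns (tick of the HW reset or None, names that caused it)."""
    hang_at = hang_at or {}
    vms = {name: VmLiveness(name, deadline=2 * p) for name, p in periods.items()}
    supervisor = SystemSupervisor(list(vms.values()))
    wdt = HwWatchdog(timeout=hw_timeout)
    for now in range(ticks):
        for name, period in periods.items():
            hung = name in hang_at and now >= hang_at[name]
            if not hung and now % period == 0:
                vms[name].heartbeat(now)      # VM -> hypervisor liveness record
        if now % supervisor_period == 0:
            supervisor.service(now, wdt)      # supervisor -> HW watchdog
        if wdt.expired(now):
            return now, supervisor.failed
    return None, []


if __name__ == "__main__":
    print("all healthy:", simulate({"cluster": 3, "car2x": 4}))
    print("car2x hangs at tick 12:", simulate({"cluster": 3, "car2x": 4}, {"car2x": 12}))
```

With the constructed values, a VM that stops at tick 12 is first seen as late at tick 18, the supervisor stops kicking, and the hardware watchdog fires at tick 22; the point of the pattern is that a hung leaf cannot be papered over by any layer below the supervisor, because none of those layers holds the kick.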

Strong Separation
Diagram labels: VM without ASIL requirements / untrusted VM; SMMU Controller; VM that underlies ASIL requirements / hardened VM; COQOS; S-MMU; Device with DMA.
SMMU = System MMU, or IO-MMU
DMA = Direct Memory Access

Secure Boot
Diagram labels: Boot Loader; Trusted OS (optional); 1st VM; 2nd VM; ...; Signature Verification.
Boot process: image verification first, and load authorization.

OP-TEE Support
Diagram labels: Untrusted VM; Untrusted VM; Trusted VM with OP-TEE (*); Trusted Applications; Client; Trusted Applications; OP-TEE API; Crypto API; COQOS; Private keys; Secure World (TrustZone); Normal World; Crypto Functions; Secure Storage.
(*) Open Portable Trusted Execution Environment, available from Linaro

Software Update
Diagram labels: update package; Untrusted VM (Fetcher); Trusted VM (Updater); COQOS.
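The "verify before load" rule that both the Secure Boot slide and the Software Update slide rely on, as one added example serving both (not OpenSynergy's or COQOS's code): the boot chain loads each stage only after its image verifies, and the Updater in the trusted VM applies a package only after authenticating it, regardless of what the Fetcher in the untrusted VM handed over. Assumptions: images are byte strings; a manifest (name to SHA-256) is authenticated with an HMAC under a constructed device key, standing in for the asymmetric signature a real boot ROM or updater would verify; all image names and contents are constructed.

```python
# Added example, not OpenSynergy's or COQOS's code: "verify before load" for
# the secure-boot chain and for the split Fetcher/Updater software update.
# Assumptions: a manifest (name -> SHA-256) authenticated with an HMAC under
# a constructed device key stands in for the asymmetric signature a real
# boot ROM or updater would verify. All image names and bytes are constructed.
import hashlib
import hmac
import json

DEVICE_KEY = b"constructed-demo-key-not-a-real-secret"   # constructed value


def sign_manifest(entries: dict, key: bytes = DEVICE_KEY) -> bytes:
    """Serialise the manifest and append an authentication tag."""
    body = json.dumps(entries, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return body + b"\n" + tag


def open_manifest(blob: bytes, key: bytes = DEVICE_KEY) -> dict:
    """Return the manifest only if its tag verifies; raise otherwise."""
    body, sep, tag = blob.rpartition(b"\n")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not sep or not hmac.compare_digest(expected, tag):
        raise ValueError("manifest authentication failed")
    return json.loads(body)


def image_matches(name: str, image: bytes, manifest: dict) -> bool:
    digest = hashlib.sha256(image).hexdigest()
    return hmac.compare_digest(digest, manifest.get(name, ""))


def boot_chain(stages, manifest_blob: bytes):
    """Secure boot: load stages in order, each only after it verifies.
    Returns (names loaded, name of the stage that stopped the chain or None)."""
    try:
        manifest = open_manifest(manifest_blob)
    except ValueError:
        return [], "manifest"             # no trusted manifest: load nothing
    loaded = []
    for name, image in stages:
        if not image_matches(name, image, manifest):
            return loaded, name           # nothing after an unverified stage runs
        loaded.append(name)
    return loaded, None


def trusted_updater(package: bytes, manifest_blob: bytes, slot: str) -> bool:
    """Runs in the trusted VM: applies the package only if it verifies. The
    Fetcher in the untrusted VM is only a transport and may have been lied to."""
    try:
        manifest = open_manifest(manifest_blob)
    except ValueError:
        return False
    return image_matches(slot, package, manifest)


def build_demo():
    """Constructed images plus a manifest signed for them."""
    images = {"trusted_os": b"constructed trusted OS image",
              "vm1": b"constructed AUTOSAR VM image",
              "vm2": b"constructed Linux VM image",
              "update": b"constructed new Linux VM image"}
    digests = {name: hashlib.sha256(img).hexdigest() for name, img in images.items()}
    return images, sign_manifest(digests)


def demo_boot(tamper: str = None):
    """Boot the three-stage chain; optionally flip one bit in one stage."""
    images, manifest = build_demo()
    stages = [(name, images[name]) for name in ("trusted_os", "vm1", "vm2")]
    if tamper:
        stages = [(n, img[:-1] + bytes([img[-1] ^ 0x01])) if n == tamper else (n, img)
                  for n, img in stages]
    return boot_chain(stages, manifest)


def demo_update(tampered_in_transit: bool) -> bool:
    """The untrusted Fetcher delivers the package; the trusted Updater decides."""
    images, manifest = build_demo()
    fetched = images["update"] + (b"\x00" if tampered_in_transit else b"")
    return trusted_updater(fetched, manifest, "update")
```

The same two checks (manifest authenticity, then per-image digest) serve both slides: at boot the chain stops at the first stage that fails and loads nothing further, and at update time a package modified on the untrusted side is simply never applied, so the Fetcher needs no trust beyond delivering bytes.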

Use-Case Smart Antenna
Functions: 2.5G / 3G / 4G / 5G, (DVB-T2 / ISDB-T), GNSS, AM/FM / DAB / DAB+ / DMB / CMB / DRM, Bluetooth / WiFi, Car2X.
Diagram labels: safety critical; System Supervisor; non-safety critical; RTOS; Update.
Single-chip solutions reduce cost, space, weight and thermal management issues.
Security is a big concern: separation through a hypervisor provides an additional level of isolation between exposed communication stacks (Car2Cloud) and vehicle systems.
Functions with an impact on vehicle safety can be integrated in a separate VM, e.g. a Car2X communication stack with secured communication to ADAS devices in the car.
AUTOSAR eases the integration with the vehicle systems. Linux provides easy development and integration of communication stacks.